‘Antivirus XP 2010’, Latest Rogue Security Software
Symantec, the security firm, said that Antivirus XP 2010, a replica (clone) of Antivirus2010, is one of the most widely found rogue security programs at present.
Allegedly, Antivirus XP 2010 is a fake AV program that appears to scan for malicious software on end-users' PCs. In fact, the application only mimics genuine security software while deceiving end-users into believing that their PCs have dangerous malware infections.
Thus, the sole purpose of the rogue program is to fool the maximum number of users and get them to buy its 'complete' version, which in fact does not exist.
Antivirus XP 2010 is circulated through spurious warez/video websites and fake online scanners. Once running, the application inundates the target PC with false notifications and warnings that malicious programs have compromised the system.
This rogue anti-virus will even imitate Windows Security Center. Moreover, it stops nearly all software, especially security software such as anti-spyware and anti-virus programs, at the very outset. It also disables Regedit, Task Manager and other Windows utilities.
As this rogue application gains prominence, Symantec notes that purveyors of fake security software keep releasing new copies to bypass detection by anti-virus scanners. These new clones reuse the original software's interface, its look and feel, with just the name altered.
Furthermore, Symantec reports that its assessment of Antivirus2010, of which Antivirus XP 2010 is a clone, revealed that the AV employs just one binary file to create several clones. Whenever this binary is run, the application title that appears is changed. Thus, on its first run the name appears as XP Antispyware 2010, but on the second run it may change to XP Guardian 2010.
Other names associated with Antivirus XP 2010 are XP Antivirus Pro, XP Antivirus and XP Internet Security 2010.
In conclusion, to prevent this bogus AV from attacking, Symantec advises end-users to install software only from genuine security vendors. Additionally, end-users must always make sure that their genuine AV program is up to date and able to recognize potentially malicious and intrusive software.
» SPAMfighter News - 19-04-2010